If you are a Restaurant Depot customer, don’t open that phishing email

Updated: Reports suggest the potential compromise of a mailing list with malicious invoices landing in client inboxes.

Restaurant Depot customers are reporting phishing emails sent from what appears to be the wholesaler's mailing list. 

On Tuesday, customers took to Twitter with queries concerning strange emails that landed in their inboxes which appeared to be from Restaurant Depot. 

The phishing emails, as basic as they are, inform customers that they have an invoice worth thousands of dollars to pay, and the amount will be taken out of their accounts in the near future. 

Based in College Point, NY, Restaurant Depot is a members-only wholesale cash & carry provider of goods, including equipment, point of sale (PoS) systems, and refrigeration units, to commercial food service entities.

As is the case with phishing emails in general, the link to the 'invoice' is malicious. Recipients of the messages, which make use of a spoofed Restaurant Depot email address, should not click the link or pay the email any heed.

An example of the phishing email forwarded to ZDNet is below. It included the spoofed Restaurant Depot email address restaurantdepot@jetrord.com, the customer's trading name, and address (redacted):

[Screenshot: example phishing email forwarded to ZDNet]

Another example posted online demanded an invoice payment of $1924.04. Some customers have received more than one suspicious email.

On Twitter, one user said they had managed to get through to the company and that the wholesaler is aware of the email list compromise, adding "It's pretty big, the breach."

Update 7.19 BST: ZDNet requested comment from Restaurant Depot and received the following boilerplate statement:

"Thank you for contacting us regarding the email you received that appears to be from us indicating an invoice is due.  That email is NOT from us.  Please delete it without opening.  Please be assured that we are taking steps to find the culprit and will do everything in our power to prevent this from happening in the future.  Thank you as always for your business."
